Nmap Development mailing list archives

Re: NSE: Need advice on pulling SSL cert used for TLS connection over SMTP port 25


From: Tom Sellers <nmap () fadedcode net>
Date: Fri, 2 Oct 2009 13:12:27 -0500

Yep. That's what I want to do and tried to do, but I do not know how to trigger SSL negotiation on an existing socket via NSE.

Tom

On Oct 2, 2009, at 10:48 AM, SM <sm () resistor net> wrote:

At 16:21 01-10-2009, Tom Sellers wrote:
Basically I am trying to gather information about the SSL certificate that is being used for an SMTP over TLS connection on port 25. The problem is that the session starts out non-SSL. Once the connection is made, and if the server supports it, the client issues the STARTTLS command and then a TLS connection is negotiated.

You'll have to establish a non-SSL session first, do an EHLO to see whether the server advertises STARTTLS and then do the SSL negotiation using the existing session.

Regards,
-sm


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
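
The sequence described in the thread (plain connection, EHLO, check for STARTTLS, then TLS negotiation on the same socket), as an added example that is not part of the original messages and is not NSE code. It uses only Python's standard library; the EHLO name `scanner.example` and the function names are placeholders chosen for illustration.

```python
import socket
import ssl

def read_reply(rfile):
    """Read one SMTP reply, which may span several lines; return (code, texts)."""
    texts = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise ConnectionError("connection closed mid-reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        texts.append(line[4:])
        # "250-TEXT" announces a continuation line; "250 TEXT" ends the reply.
        if line[3:4] != "-":
            return int(line[:3]), texts

def advertises_starttls(ehlo_texts):
    """True if an EHLO keyword line (after the greeting line) is STARTTLS."""
    return any(t.upper().split()[:1] == ["STARTTLS"] for t in ehlo_texts[1:])

def fetch_smtp_cert(host, port=25, helo_name="scanner.example", timeout=10):
    """Return the DER certificate presented after STARTTLS, or None if the
    server does not offer or accept STARTTLS. helo_name is a placeholder."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        rfile = sock.makefile("rb")
        code, _ = read_reply(rfile)                      # 220 greeting
        if code != 220:
            return None
        sock.sendall(b"EHLO " + helo_name.encode("ascii") + b"\r\n")
        code, texts = read_reply(rfile)
        if code != 250 or not advertises_starttls(texts):
            return None
        sock.sendall(b"STARTTLS\r\n")
        code, _ = read_reply(rfile)
        if code != 220:
            return None
        # Plaintext ends here: the TLS handshake runs on the same TCP socket.
        # Verification is off because the aim is to record whatever
        # certificate is presented, valid or not; do not reuse this for mail.
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)
```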

